About Orbital

Orbital is a cloud-based, attack research and response tool. It allows the user to gather system and security information from the client’s networked devices and to respond to any threats found.

To accomplish this, Orbital allows you to query your network’s devices, using SQL, and then use Python scripts to respond to any found threats. Orbital uses osquery to allow SQL queries to run against your organization’s endpoints. Creating and running Orbital queries and scripts is performed on the Investigate page.

The results for the queries and scripts that have been run can be found listed on the Results page. Result details can be viewed by drilling down into the individual results listed on the Results page.

Orbital’s Catalog provides hundreds of carefully researched and tested queries and scripts. Additionally, you can write your own SQL queries and Python scripts, which can be saved to the Catalog or discarded after a single use.

Important Points of Note:

Table of Contents